package com.dxg.provider.checker;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;
import org.springframework.util.Assert;

/**
 * @author dingxigui
 * @version 1.0
 * @date 2021/7/30 15:44
 */
public class DefaultPostAuthenticationChecks implements UserDetailsChecker {

  protected final Log logger = LogFactory.getLog(getClass());

  protected MessageSourceAccessor messages;

  public DefaultPostAuthenticationChecks(MessageSourceAccessor messages){
    this.messages = messages;
    Assert.notNull(messages,"MessageSourceAccessor 不能为空");
  }

  @Override
  public void check(UserDetails user) {
    if (!user.isCredentialsNonExpired()) {
      logger.debug("账号凭证已过期");

      throw new CredentialsExpiredException(messages.getMessage(
          "AbstractUserDetailsAuthenticationProvider.credentialsExpired",
          "User credentials have expired"));
    }
  }
}
